in contextul <<"-A INPUT -m state --state ESTABLISHED,RELATED" o sa devina obsolete>>¹²³, nu reusesc sa ma prind care e diferenta intre "-m conntrack --ctstate ESTABLISHED,RELATED" si "-m conntrack --ctstatus SEEN_REPLY". am testat cu ceva de genul:
iptables -I INPUT 1 -i eth0 -p tcp --dport \! 22 -m conntrack --ctstate RELATED,ESTABLISHED -m comment --comment "test" -j LOG --log-prefix "INPUT-ctstate: " iptables -I INPUT 2 -i eth0 -p tcp --dport \! 22 -m conntrack --ctstatus EXPECTED,SEEN_REPLY -m comment --comment "test" -j LOG --log-prefix "INPUT-ctstatus: iar in loguri astea doua merg paralel, mina in mina, pe acelasi pachet, logheaza si unul, si celalalt light my way, please. ___ ¹ http://goo.gl/ODQaJ ² http://goo.gl/wG3nK ³ http://goo.gl/LV61M _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
